It shows how utterly careful one have to be
if one have something to hide. Fortunately
I only have such secrets as being a total noob
and very naive and too talkative and verbose
but that is only a secret to me and obvious to
everybody else. Still integrity is important due to
the identity theft allowing people to buy things
in your name if they know enough about you._________________I use Google Search on Puppy Forum
not an ideal solution though

I don't think so. I can see that it would be extremely time-consuming to determine just how "random" the numbers generated by a RNG really are. So anyone using a RNG just assumes the numbers are truly "random." But if the NSA know that an encryption program uses "random" numbers that are far less random than everyone assumes, it may make their job of breaking the encryption easier. Of course, it would make any snoop's job easier, and it would impact algorithms that have nothing to do with encryption or security but depend on the random number generator.

QUOTE...
From 3rd link in 1st post:
"The act of breaking into a computer system has to have the same social stigma as breaking into a neighbor's house.
It should not matter that the neighbor's door is unlocked."
It's my understanding that...
Under English and Scottish law...
You do not [cannot be accused of] breaking into an UNLOCKED premises/house.
e.g. If a stranger walks into to your unlocked house.
You can ask them to leave, and they MUST leave when asked, or...
You can use minimum force [and escalate if necessary] to get them out.
But they have committed no offense by entering.

I don't know anything about English or Scottish law, but if you can't be accused of breaking and entering an unlocked house, surely you can be accused of trespassing. Any cop can find a law to suit the occasion.

Unchecked, from memory of exams well over 50 years ago - under English law "trespass" is a tort (of which the simple definition is "a civil wrong other than breach of contract", but it's far from simple).

Trespass Scottish
QUOTE:
"Section 3 of the Act makes it an offence for any person to lodge in any premises, or occupy or encamp on any land, being private property, without the consent of the owner or legal occupier. While the the use of the words lodge, occupy and encamp could be taken to imply a degree of permanency on the part of the trespasser, their scope could possibly be construed to apply to loitering by a determined lawyer if one did anything other than access, or cross over such property for example."

This is a whole different ball game from simply entering/accessing without breaking in, or tampering with a lock, or using something other than the "true key".

That's what I thought. If you rely on hardware encoding, you have a hardware "password" that can be cracked. If you rely entirely on software, that can be customized for every use (generate their own random number/keyring).

Depending on implementation, that may not prevent a targeted attack against an individual, but it would limit the ability to perform widespread snooping.

Quote:

I can see that it would be extremely time-consuming to determine just how "random" the numbers generated by a RNG really are. So anyone using a RNG just assumes the numbers are truly "random." But if the NSA know that an encryption program uses "random" numbers that are far less random than everyone assumes, it may make their job of breaking the encryption easier. Of course, it would make any snoop's job easier, and it would impact algorithms that have nothing to do with encryption or security but depend on the random number generator.

Well, they numbers have to be pseudorandom, otherwise you can't ever reproduce the string. A true random "seed" is a good idea.

Schneier knows enough to avoid the main pitfalls -- that's how he broke the MS "secure server" that they touted as unbreakable. He broke their old/dated PRNG, which allowed him rapid access.